Merge branch 'helm-charts' into 'master'

Replace k8s manifest with helm chart

See merge request !1

helm-charts/test-secure.conf

+# Set up Play for HTTPS and locked down allowed hosts.
+# Nothing in here is required for REST, but it's a good default.
+play {
+  http {
+    cookies.strict = true
+
+    session.secure = true
+    session.httpOnly = true
+
+    flash.secure = true
+    flash.httpOnly = true
+
+    forwarded.trustedProxies = ["::1", "127.0.0.1"]
+  }
+
+  i18n {
+    langCookieSecure = true
+    langCookieHttpOnly = true
+  }
+
+  filters {
+    csrf {
+      cookie.secure = true
+    }
+
+
+    hosts {
+
+      # A list of valid hosts (e.g. "example.com") or suffixes of valid hosts (e.g. ".example.com")
+      # Note that ".example.com" will match example.com and any subdomain of example.com, with or without a trailing dot.
+      # "." matches all domains, and "" matches an empty or nonexistent host.
+      allowed = ["192.168.99.100", "localhost", ".k8s.unibas.ch", "127.0.0.1", ".memobase.ch"]
+
+      routeModifiers {
+        # If non empty, then requests will be checked if the route does not have this modifier. This is how we enable the
+        # anyhost modifier, but you may choose to use a different modifier (such as "api") if you plan to check the
+        # modifier in your code for other purposes.
+        whiteList = ["anyhost"]
+
+        # If non empty, then requests will be checked if the route contains this modifier
+        # The black list is used only if the white list is empty
+        blackList = []
+      }
+    }
+  }
+}
\ No newline at end of file

helm-charts/values.yaml

+registry: "cr.gitlab.switch.ch"
+image: "memoriav/memobase-2020/services/externalapis/oai"
+tag: placeholder
+
+k8sName: oai
+k8sNamespace: memobase
+k8sGroupId: api
+k8sGroupName: api
+k8sEnvironment: placeholder
+k8sReplicas: placeholder
+k8sRequestsCpu: placeholder
+k8sRequestsMemory: placeholder
+k8sLimitsCpu: placeholder
+k8sLimitsMemory: placeholder
+k8sHost: placeholder
+k8sPort: placeholder
+
+elasticHostConfigs: placeholder
+elasticIndexConfigs: placeholder
+
+responseListlength: placeholder
+resumptionTokenTtl: placeholder
+
+oaiConfPath: "/app/conf/oaiconfigmap"
+secoreConfPath: "/app/conf/secureconfigmap"
\ No newline at end of file

k8s-manifests/create.configmaps.sh

-#!/usr/bin/env bash
-
-cd ../conf
-
-kubectl create cm configmap-oai-definitions --from-file ./oai.conf
-kubectl create cm configmap-oai-secure --from-file ./secure.conf
\ No newline at end of file

k8s-manifests/delete.configmaps.sh

-#!/usr/bin/env bash
-
-
-kubectl delete cm configmap-oai-definitions
-kubectl delete cm configmap-oai-secure
\ No newline at end of file

k8s-manifests/oai-prod-deploy.yaml

-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  namespace: memobase
-  name: oai-deployment
-  labels:
-    app: oai-api
-spec:
-  selector:
-    matchLabels:
-      app: oai-api
-  replicas: 1
-  template:
-    metadata:
-      labels:
-        app: oai-api
-        tier: web
-    spec:
-      #serviceAccountName: oai-service-account #to be able to manage other pods inside the cluster
-
-      containers:
-        - name: oai-api-prod-container
-          #image: cr.gitlab.switch.ch/memoriav/memobase-2020/services/externalapis/oai:latest
-          image: guenterh/oaimemobase:latest
-          ports:
-            - containerPort: 9000
-              name: http
-              protocol: TCP
-          imagePullPolicy: Always
-          volumeMounts:
-            - mountPath: /app/conf/oaiconfigmap
-              name: oaiconf
-            - mountPath: /app/conf/secureconfigmap
-              name: secureconf
-
-          env:
-            - name: RESPONSE_LISTLENGTH
-              value: "30"
-            - name: RESUMPTION_TOKEN_TTL
-              value: "3"
-            - name: ELASTICSEARCH_INDEX
-              value: oai-v9
-            - name: ELASTICSEARCH_HOSTS
-              value: mb-es1.memobase.unibas.ch
-            - name: ELASTICSEARCH_PORT
-              value: "8080"
-            - name: ELASTICSEARCH_CLUSTER
-              value: test-memobase-search-cluster
-      volumes:
-        - name: oaiconf
-          configMap:
-            name: configmap-oai-definitions
-            items:
-              - key: oai.conf
-                path: oai.conf
-        - name: secureconf
-          configMap:
-            name: configmap-oai-secure
-            items:
-              - key: secure.conf
-                path: secure.conf

k8s-manifests/oai-prod-ingress-oai.swissbib.ch.yaml

-apiVersion: networking.k8s.io/v1beta1
-kind: Ingress
-metadata:
-  namespace: memobase
-  name: oai-ingress-oai.memobase.ch
-  annotations:
-    cert-manager.io/cluster-issuer: letsencrypt-prod
-    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
-    nginx.ingress.kubernetes.io/rewrite-target: /
-spec:
-  tls:
-    - hosts:
-        - oai.memobase.ch
-      secretName: api.memobase.oai.memobase.ch-tls
-  rules:
-    - host: oai.memobase.ch
-      http:
-        paths:
-          - path: /
-            backend:
-              serviceName: oai-service
-              servicePort: 9000

k8s-manifests/oai-prod-service.yaml

-apiVersion: v1
-kind: Service
-metadata:
-  namespace: memobase
-  name: oai-service
-  labels:
-    app: oai-api
-spec:
-  ports:
-    - port: 9000
-  selector:
-    app: oai-api
-    tier: web
-  clusterIP: None
\ No newline at end of file

k8s-manifests/test/oai-minikube-local-deploy.yaml

-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  #namespace: memobase
-  name: oai-deployment
-  labels:
-    app: oai-api
-spec:
-  selector:
-    matchLabels:
-      app: oai-api
-  replicas: 1
-  template:
-    metadata:
-      labels:
-        app: oai-api
-        tier: web
-    spec:
-      #serviceAccountName: oai-service-account #to be able to manage other pods inside the cluster
-
-      containers:
-        - name: oai-api-prod-container
-          #image: cr.gitlab.switch.ch/memoriav/memobase-2020/services/externalapis/oai:latest
-          image: guenterh/oaimemobase:latest
-          terminationMessagePolicy: FallbackToLogsOnError
-          ports:
-            - containerPort: 9000
-              name: http
-              protocol: TCP
-          imagePullPolicy: Always
-
-          volumeMounts:
-            - mountPath: /app/conf/oaiconfigmap
-              name: oaiconf
-            - mountPath: /app/conf/secureconfigmap
-              name: secureconf
-
-          env:
-            - name: RESPONSE_LISTLENGTH
-              value: "30"
-            - name: RESUMPTION_TOKEN_TTL
-              value: "3"
-            - name: ELASTICSEARCH_INDEX
-              value: oai-v2
-            - name: ELASTICSEARCH_HOSTS
-              value: 192.168.1.116
-            - name: ELASTICSEARCH_PORT
-              value: "8080"
-            - name: ELASTICSEARCH_CLUSTER
-              value: test-memobase-search-cluster
-      volumes:
-        - name: oaiconf
-          configMap:
-            name: configmap-oai-definitions
-            items:
-              - key: oai.conf
-                path: oai.conf
-        - name: secureconf
-          configMap:
-            name: configmap-oai-secure
-            items:
-              - key: secure.conf
-                path: secure.conf

k8s-manifests/test/oai-minikube-local-service.yaml

-apiVersion: v1
-kind: Service
-metadata:
-  #namespace: memobase
-  name: oai-service
-  labels:
-    app: oai-api
-spec:
-  type: NodePort
-  ports:
-    - port: 9000
-      nodePort: 30001
-  selector:
-    app: oai-api
-    tier: web
-  #clusterIP: None
\ No newline at end of file

local/env.txt

 RESPONSE_LISTLENGTH=30
 RESUMPTION_TOKEN_TTL=3
-ELASTICSEARCH_INDEX=oai-v2
-ELASTICSEARCH_HOSTS=localhost
-ELASTICSEARCH_PORT=8080
-ELASTICSEARCH_CLUSTER=test-memobase-search-cluster
+ELASTIC_INDEX=oai-v2
+ELASTIC_HOST=localhost
+ELASTIC_PORT=8080
+ELASTIC_CLUSTERNAME=test-memobase-search-cluster